Fatal编程技术网
  • pdf/
  • Pdf Byterange的数字签名问题

Pdf Byterange的数字签名问题

pdf

Pdf Byterange的数字签名问题,pdf,digital-signature,Pdf,Digital Signature,我在Windev中以编程方式对PDF进行签名,第一个签名正确显示在PDF上,但当我尝试使用第二个签名对PDF进行签名时,它会添加到PDF中,并显示“签名验证期间出错”。 签名包含不正确、无法识别、损坏或可疑的数据。 支持信息:SigDict/ByteRange值”。 我不面临byterange问题,如果我在PDF上使用单一签名,我如何使用第二个签名解决问题,任何帮助都将不胜感激,以下是PDF内容 %PDF-1.4 %äãÏÒ 30 obj endobj 40 obj > 流动 xœ3RðR0Ð

我在Windev中以编程方式对PDF进行签名,第一个签名正确显示在PDF上,但当我尝试使用第二个签名对PDF进行签名时,它会添加到PDF中,并显示“签名验证期间出错”。
签名包含不正确、无法识别、损坏或可疑的数据。 支持信息:SigDict/ByteRange值”。 我不面临byterange问题,如果我在PDF上使用单一签名,我如何使用第二个签名解决问题,任何帮助都将不胜感激,以下是PDF内容

%PDF-1.4
%äãÏÒ
30 obj
endobj
40 obj
>
流动
xœ3RðR0Ð30P
尾流
endobj
50 obj
endobj
60 obj
流动
xœUËNÄ0¼ó¾mš&HHha9þ208;¼’mØOmD=ízãîx>
endobj
10 obj
endobj
110 obj
endobj
20 obj
>
endobj
12 0 obj
>
endobj
13 0 obj
endobj
140 obj
>>
/标志3
/田地[
50R
50R
] 
>>
endobj
15 0 obj
/OpenAction[3 0 R/FitH null]
/AcroForm 14 0 R
/页面布局/1列
>>
endobj
外部参照
0 16
0000000000 65535 f
0000010154000000N
0000010318 00000N
00000000150万元
000000018500000N
0000000281000000N
0000000439000000N
0000000 963 00000n
000000 5311 00000 n
000000 5471 00000 n
000000569500000N
0000010211 00000N
00000 10407 00000 n
00000 10498 00000 n
0000011823000000N
000001196900000N
拖车
>
起始外部参照
12118
%%EOF
您的签名(尽管可能作为通用pdf签名有效)不是可互操作的签名

尤其是签名2签名字典具有以下签名字节范围数组:

/ByteRange[0 983 4691 1025 9396 3197]
也就是说,有三个范围,有两个间隔。虽然规范一般允许这样做,但可互操作的签名预计只有一个间隔:

对于字节范围签名,内容应为带“”分隔符的十六进制字符串。它应精确匹配字节范围指定的范围之间的空间

(ISO 32000-2第12.8.3.3节CMS(PKCS#7)签名)

要强调它:范围之间的空格,而不是它们之间的一个空格

对于PAdES签名,这是更加明确的

甚至在PDF成为ISO标准之前,AdobeAcrobat就已经拒绝了带有多个间隙的字节范围

由于不允许在pdf签名的签名字节范围内存在多个间隙,您可能想知道如何将多个签名应用于pdf。实际上,在同一版本中不可能添加多个可互操作的签名。但是,可以在单独的版本中添加它们,例如:

有关更多背景和后续链接,请阅读。

您的签名(尽管可能作为通用pdf签名有效)不是可互操作的

尤其是签名2签名字典具有以下签名字节范围数组:

/ByteRange[0 983 4691 1025 9396 3197]
也就是说,有三个范围,有两个间隔。虽然规范一般允许这样做,但可互操作的签名预计只有一个间隔:

对于字节范围签名,内容应为带“”分隔符的十六进制字符串。它应精确匹配字节范围指定的范围之间的空间

(ISO 32000-2第12.8.3.3节CMS(PKCS#7)签名)

要强调它:范围之间的空格,而不是它们之间的一个空格

对于PAdES签名,这是更加明确的

甚至在PDF成为ISO标准之前,AdobeAcrobat就已经拒绝了带有多个间隙的字节范围

由于不允许在pdf签名的签名字节范围内存在多个间隙,您可能想知道如何将多个签名应用于pdf。实际上,在同一版本中不可能添加多个可互操作的签名。但是,可以在单独的版本中添加它们,例如:

有关更多背景和后续链接,请阅读。

pdf中的一个小错误在AcroForms字典中,您的字段数组引用了Signature1两次,并引用了Signature2,而不是:
/Fields[5 0 R 5 0 R]
。Adobe Acrobat通过页面的注释找到Signature2(
[5 0 R 8 0 R]
)但是对于任意的pdf处理器,您不能指望这一点。顺便说一句,使用SHA1作为签名哈希算法是一个非常有问题的选择,请看pdf中的一个小错误在AcroForms字典中,您的字段数组引用了Signature1两次,而引用了Signature2根本没有:
/Fields[5 0 R 5 0 R]
。尽管如此,Adobe Acrobat还是可以通过页面的注释(
[5 0 R 8 0 R]
)查找签名2,但是对于任意pdf处理器,您不能指望它。顺便说一句,使用SHA1作为签名哈希算法是一个非常有问题的选择,请参阅 
%PDF-1.4
%äãÏÒ
3 0 obj
<</Type /Page
/Parent 1 0 R
/Resources 2 0 R
/MediaBox [0 0 612.00 792.00]
/CropBox [0.00 0.00 612.00 792.00]
/Contents 4 0 R
/Annots [
5 0 R 
8 0 R 
]
>>
endobj
4 0 obj
<< /Filter /FlateDecode /Length 25>>
stream
xœ3RðR0Ð30P(W0Ppât $ÕÀ
endstream
endobj
5 0 obj
<</Type /Annot /Subtype /Widget /Rect[91.68 561.91 180.67 641.40] /F 4 /FT /Sig /DR 2 0 R /AP <</N 6 0 R>> /T (Signature1) /V 7 0 R /P 4 0 R>>
endobj
6 0 obj
<</Type /XObject /Resources 2 0 R /BBox [91.68 561.91 180.67 641.40] /Filter /FlateDecode /Length 386>>
stream
xœÅUËNÄ0¼ó¾Ê&mš&HHha9Âþ Ð¥¼‘ØÝOmD=ízãÈîx<vÜyC³Cžš{Z4{Zi­©£yCÁ*È•F•š–Î÷©Rµ#àc„Fy½…]„ñ;]GX¨Âoá
O~áÉ ?#,UÈu‰S­•ö¿RõÆá’ÖC(tË£#ª¢ß¾Eöí™+ÜpÐÿÀ£²Q=â‚A+2À–¢ÇÃB¬wSæÞKΣ9œqˆ1¹™å(´cÒ(½íÁ^24Õb2Ô­¦$L“™¬m6ù:=L›·öö‰¯úŽoãz¨A^ƒ<ãçâ$1;?>\3©÷*T¹÷«rª°ãUä­^‰Íþ¤Á»¬aÁý
öü܉TòÀ”oûi„^×KfFÕu6ê5
Ëï´Ð,t‹úΩ |aQ/ŽýÏcÎ\u~Çó‡Q~$·ÃdYX±M†;#˘tIà0ÊÇ~s~˜müoÄÉy
endstream
endobj
7 0 obj
<</Contents <3082053906092A864886F70D010702A082052A30820526020101310B300906052B0E03021A0500300B06092A864886F70D010701A082036D3082036930820251A003020102021100D820443E1369825581180C68052920FE300D06092A864886F70D01010B05003058310B3009060355040613023931310D300B060355040A0C04746573743128302606092A864886F70D01090116196B757368616C612E67616A656E676940676D61696C2E636F6D3110300E06035504030C076B757368616C61301E170D3230303933303131333730355A170D3233313030313131333730355A3058310B3009060355040613023931310D300B060355040A0C04746573743128302606092A864886F70D01090116196B757368616C612E67616A656E676940676D61696C2E636F6D3110300E06035504030C076B757368616C6130820122300D06092A864886F70D01010105000382010F003082010A028201010094287F00A36075CA9EAC9ADA8B3E3D6A796E01E2878D1D4446756681282E93730B445979A1632861B0C84BE2DDC16F8EBBC958A336008A3C6D182A91FEDEE5DDC28E38FD90FF1D5CB8B678C8913F004B0354B8F237202AF1E253C569418CC99AAE3CD2289E1566388EA008EB195958C4ECFFE9AA3773CBE9387F8718F09FF32F6F496A7672E6D44FA63219A1D6A1C4E04E94A545C39604AB93E115C788F7DC233EED0F7F00F7258B0C7660B177206946CE96C82132A18CBC2F4EFE4B4BBCCB38CB7EB6F73A7EA9B7788132D7759315DEF8A32FC843EEC8E7DDEA353F4933445F40C7EEEF6471EF66ED174619D12490A123B04B8EC3D6BD26725B24C1BB19AFF30203010001A32E302C300B0603551D0F040403020398301D0603551D0E0416041482D1FD894B9D36BD611F3F21D4E6400CDF6C98FD300D06092A864886F70D01010B05000382010100519299835AD80C285BE5B5235E3F89B8672D9B3DBC06F540AB253B507ADBB81EBAFAAD6CEA4C114D2F4D2BEF3F04F7E7C29861620A3F38BE6983DEAE6F8350B4DACEEA39678F4E18987A173618DF4E1DD0A8169B97C6E53CB8AF65E4878D07F31EB219A830DF20A93A5203DEFA9A3A18A285E1BC67454B0D844FC97CEC9424E658B869BB7E3709108E6637005D6AABCBE2ECAD5FD932B0642DDECFD752B4DD7395096584E31F6ADF02185A60D40AE9D3821A24D7B361DE7CCAD92D0384C9707DC436CC9EF3099BB953E0CC2AD787C4C70907F0B9546C03BF415D2BA83145ABEFF74628CE39F4A8E002036DC1F38AFEB2ABCD8033C9460AECFA306CECA96BFD093182019430820190020101306D3058310B3009060355040613023931310D300B060355040A0C04746573743128302606092A864886F70D01090116196B757368616C612E67616A656E676940676D61696C2E636F6D3110300E06035504030C076B757368616C61021100D820443E1369825581180C68052920FE300906052B0E03021A0500300D06092A864886F70D010101050004820100521ADF0D0B0B7AA5189A2D7BDF01321CE918797B0FD419CB116398012204CC40DA7179C99CBDB00F2781ABD1F07B348F66597A52EEB0B44DE2F7EC213EB577618AC244C452C42235C410EFFD6732D6C5BF6F0B49C9FBCC196E42B0CFD1C7B554969D9FBA42D9EB8C6655A0AA17654D0223A9E24AD879A5978C02B6264B2AF13D37588F5B6F2E13B54C86AB988EDB39DF5CE4D75CE306703940E9B57B8F55F7F0CD84EAED22609B5551A2A83C41307EE0739F4333B67226944C88B99C9D4B0624FE6322B77F2BE9CC9FA0A9653FEC6DB7DA43C0A9852C600EB4AF1CFF38650659CB409E934D5EE95CEEA09FD828C64D176C692EE6C0C43BDD04B30C40A322303D0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000>/Type /Sig /Filter /Adobe.PPKLite /SubFilter /adbe.pkcs7.detached /M(D:20201003220222) /ByteRange [  0 983 4691 7902 ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            >>
endobj
8 0 obj
<</Type /Annot /Subtype /Widget /Rect[283.46 451.84 340.16 508.54] /F 4 /FT /Sig /DR 2 0 R /AP <</N 9 0 R>> /T (Signature2) /V 10 0 R /P 4 0 R>>
endobj
9 0 obj
<</Type /XObject /Resources 2 0 R /BBox [283.46 451.84 340.16 508.54] /Filter /FlateDecode /Length 86>>
stream
xœs
QÐw3T04RISp
á2Ð300PHWp
Q0²0Ö3±T0±4×37TIQÐHÔTW0Ó37R0 ss\C (M:È5Ò33A’Z  @Åd
endstream
endobj
10 0 obj
<</Contents <3082052B06092A864886F70D010702A082051C30820518020101310B300906052B0E03021A0500300B06092A864886F70D010701A08203643082036030820248A00302010202103324C663471D937E2A3B921DD2689216300D06092A864886F70D01010B05003054310B3009060355040613023931310D300B060355040A0C04746573743126302406092A864886F70D0109011617616D616C612E67616A656E676940676D61696C2E636F6D310E300C06035504030C05616D616C61301E170D3230303933303132313930385A170D3233313030313132313930385A3054310B3009060355040613023931310D300B060355040A0C04746573743126302406092A864886F70D0109011617616D616C612E67616A656E676940676D61696C2E636F6D310E300C06035504030C05616D616C6130820122300D06092A864886F70D01010105000382010F003082010A0282010100D2DABE9A6EACEC9CCA68387B71C1AD796DF6B32B7C0F19ACCA4884959E8CEFD83851992E08EB2C2534F615844D395F4267B1A3A05BAAF67925A0970CE6AB05C5D1F6F32F9A542800C09EA2465412E99463A884D52047C6C97BA683A940B9BCD9BCE8F0C945C0B68195DF555B3898F65A5755186BCACD3F422AEE7473EBECA39A7D2BD083F8668A16400AD36E657288EC789E698987C951FAE26B091923A55DA0940013D88B4C3E33FD5EDE658EC846A49D377EE22C02F4778940A7ED05A183707C89A259905CC1600B303B70ECC884CA733ECBA3ED2B4D054BD9E84DD5B6D884872C6FFB576A8D19146D1B1F62C3311C6DC370329F7D45F3DB4C0AC13F7185A50203010001A32E302C300B0603551D0F040403020398301D0603551D0E041604140F22F24AFB03DD4EFF43B047AC20CB2B7D9A8FE4300D06092A864886F70D01010B0500038201010068419D56AEEB79D8148CB98B9FC23D196D922BBA9FCCBF6161E6EB2D1F35E5ABDE1E38265B9AA2EF34361B74A4709078243D49A8EF0391D3DC12422364810BDC08BA97FD79A8074E875126496FB75077913C4880C0BAAE93869EDF179FDAF9964CE39364C9736340C44A15BBC97FB2E31362693A68A351DA9FC24D8132927C36F921B264C771C5C4C159F1189D6147B27A3A1D4F1802F3BC9349238E41FBC8B83750020D182CE2F121EFEF04959939F1FB6D521EFD287FF0612E9F8330A099B7A776D7C65E76DDD2A0C5C02D4F624BE8612B79AE89BCED6DDEC4B232F55AFC38B988DC44650DAC1939BED0F369A9F95054145FC1FE8B74482DE0793D4712ADA53182018F3082018B02010130683054310B3009060355040613023931310D300B060355040A0C04746573743126302406092A864886F70D0109011617616D616C612E67616A656E676940676D61696C2E636F6D310E300C06035504030C05616D616C6102103324C663471D937E2A3B921DD2689216300906052B0E03021A0500300D06092A864886F70D0101010500048201008CDD8F26D74DA5BD51BC978182F6470002F28D03BF3A57D7E4B2F55E4C58F4294922BDA48EDC5BE5E63C0644E5D0AAB9509C8CEA91F53D5BE7797BF27D93DF470B6119AAEA9C6E0746810CD98466A23BA9E36956EA84AF1863EE2DA9854E1DF209F12C528DD00FBBAF9C8C631986E326EDC41BCEE3A02A4DD89582952DF92A17300A40D7638E1AC85EF3E08442C8335B45A85A9400E73C5BC1606F32EB4B8CF554975872EB429BE54EB532B909B9751A878C0E27804EF97B9BC892A0C8C749CC844EA5EC79C48EAAF05FA0DB661FFD557C275F958636946A1F35DBBCBD6653AE4328D087C8A1F3F53B8E83CA4F971EA5F7F388FDFA06264B03C83656EC3B5AAE0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000>/Type /Sig /Filter /Adobe.PPKLite /SubFilter /adbe.pkcs7.detached /M(D:20201003220222) /Reference [ << /Type /SigRef /TransformMethod /DocMDP /DigestMethod /MD5 /TransformParams << /Type /TransformParams /P 1 /V /1.2 >> >> ] /ByteRange [  0 983 4691 1025 9396 3197 ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  >>
endobj
1 0 obj
<</Type /Pages
/Kids [3 0 R ]
/Count 1
>>
endobj
11 0 obj
<</Type /Font
/Name /F1
/BaseFont /Helvetica
/Subtype /Type1
/Encoding /WinAnsiEncoding
>>
endobj
2 0 obj
<</ProcSet [/PDF /Text /ImageB /ImageC /ImageI]
/Font <<
/F1 11 0 R
>>
>>
endobj
12 0 obj
<<
/Producer (WinDev 21.0 (21.0.52.3))
/CreationDate (D:20201003220222)
>>
endobj
13 0 obj
<</Type /Encoding 
/Differences [24 /breve /caron /circumflex /dotaccent /hungarumlaut /ogonek /ring /tilde 39 /quotesingle 96 /grave 128 /bullet /dagger /daggerdbl /ellipsis /emdash /endash /florin /fraction /guilsinglleft /guilsinglright /minus /perthousand /quotedblbase /quotedblleft /quotedblright /quoteleft /quoteright /quotesinglbase /trademark /fi /fl /Lslash /OE /Scaron /Ydieresis /Zcaron /dotlessi /lslash /oe /scaron /zcaron 160 /Euro 164 /currency 166 /brokenbar 168 /dieresis /copyright /ordfeminine 172 /logicalnot /.notdef /registered /macron /degree /plusminus /twosuperior /threesuperior /acute /mu 183 /periodcentered /cedilla /onesuperior /ordmasculine 188 /onequarter /onehalf /threequarters 192 /Agrave /Aacute /Acircumflex /Atilde /Adieresis /Aring /AE /Ccedilla /Egrave /Eacute /Ecircumflex /Edieresis /Igrave /Iacute /Icircumflex /Idieresis /Eth /Ntilde /Ograve /Oacute /Ocircumflex /Otilde /Odieresis /multiply /Oslash /Ugrave /Uacute /Ucircumflex /Udieresis /Yacute /Thorn /germandbls /agrave /aacute /acircumflex /atilde /adieresis /aring /ae /ccedilla /egrave /eacute /ecircumflex /edieresis /igrave /iacute /icircumflex /idieresis /eth /ntilde /ograve /oacute /ocircumflex /otilde /odieresis /divide /oslash /ugrave /uacute /ucircumflex /udieresis /yacute /thorn /ydieresis]
>>
endobj
14 0 obj
<< 
 /DA (/F1 0 Tf 0 g ) /DR << /Font <<  >> /Encoding << /PDFDocEncoding 13 0 R>> >>
/SigFlags 3
/Fields [
 5 0 R
 5 0 R
 ] 
 >>
endobj
15 0 obj
<<
/Type /Catalog
/Pages 1 0 R
/Perms << /DocMDP 10 0 R >>
/OpenAction [3 0 R /FitH null]
/AcroForm 14 0 R
/PageLayout /OneColumn
>>
endobj
xref
0 16
0000000000 65535 f 
0000010154 00000 n 
0000010318 00000 n 
0000000015 00000 n 
0000000185 00000 n 
0000000281 00000 n 
0000000439 00000 n 
0000000963 00000 n 
0000005311 00000 n 
0000005471 00000 n 
0000005695 00000 n 
0000010211 00000 n 
0000010407 00000 n 
0000010498 00000 n 
0000011823 00000 n 
0000011969 00000 n 
trailer
<<
/Size 16
/Root 15 0 R
/Info 12 0 R
/ID[<1880f857c9fd8764418cb8ef328b6100><1880f857c9fd8764418cb8ef328b6100>]
>>
startxref
12118
%%EOF